
United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 
Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, Virginia 223 13-1450 
www.uspto.gov 



APPLICATION NO. 



FILING DATE 



FIRST NAMED INVENTOR 



ATTORNEY DOCKET NO. 



CONFIRMATION NO. 



09/557,708 



04/25/2000 



Christopher A. S. Gage 



7590 03/18/2005 

STEVEN M GREENBERG 

CHRISTOPHER & WEISBERG P. A. 

200 EAST LAS OLAS BOULEVARD- SUITE 2040 

FORT LAUDERDALE, FL 33301 



RSW9-2000-0039-USI 



8638 



EXAMINER 



BAUGH, APRIL L 



ART UNIT 



PAPER NUMBER 



2141 

DATE MAILED: 03/18/2005 



Please find below and/or attached an Office communication concerning this application or proceeding. 



■j 



PTO-90C (Rev. 10/03) 



Office Action Summary 


Application No. 

09/557,708 


Applicant(s) 

GAGE ET AL 


Examiner 

April L Baugh 


Art Unit 

2141 





-- The MAILING DATE of this communication appears on the cover sheet with the correspondence address 



Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )D Responsive to communication(s) filed on . 

2a)M This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) M Claim(s) 1-27 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E3 Claim(s) 1-27 is/are rejected. 

7) Q Claim(s) is/are objected to. 

8) D Ciaim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attach ment(s) 

1 ) |3 Notice of References Cited (PTO-892) 

2) CD Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) D Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) 

Paper No(s)/Mail Date . 



4) 0 Interview Summary (PTO-413) 

Paper No(s)/Mail Date. . 

5) O Notice of Informal Patent Application (PTO-152) 

6) □ Other: . 



U.S. Patent and Trademark Office 
PTOL-326 (Rev. 1-04) 



Office Action Summary 



Part of Paper No. /Mail Date 20050317 



Application/Control Number: 09/557,708 
Ait Unit: 2141 



Page 2 



DETAILED ACTION 

Response to Amendment 

Applicant amended claims 1, 7, 9, 10, 12, 18, 20,and 22, therefore claims 1-27 are now pending. 

Response to Arguments 

1. Applicant's arguments with respect to claims 1,7, 10, 12, 18, 20, and 22 have been 
considered but are moot in view of the new ground(s) of rejection. 

Drawings 

2. The drawings were received on June 28, 2004. These drawings are accepted. 

Claim Rejections - 35 USC §103 

1 . The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

2. Claim 1, 2, 6, 7, 12, 13, 17, 18, 22, 23, and 27 rejected under 35 U.S.C. 103(a) as being 
unpatentable over US Patent No. 6,076,108 to Courts et al. in view of Kunzelman et al. (US 
6,041,357) and further in view of Smith (US 5,835,724). 

Regarding claim 1, Courts et al. teaches a method of establishing a persistent relationship 
between an end user device and a server where the server is one of a plurality of servers managed 
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by a dispatcher (column 3, lines 5-7 of Courts et al.) and the end user device accesses the server 
using a uniform resource locator (URL) (column 5, lines 66-67 of Courts et al.), the method 
comprising the steps of: receiving, at the dispatcher, a request for information from the end user 
device; determining, by the dispatcher, which of the plurality of servers to select for satisfying 
the request (column 3, lines 5-7 and column 5, lines 66-67 of Courts et al); said key for 
accessing a storage area for information regarding the persistent relationship and the end user 
device (column 1, lines 45-50 of Courts et al). 

Courts et al. does not teach of creating a token. Kunzelman et al teaches creating, at the 
selected server, a token comprising at least an identifier for the selected server, a date/time 
stamp, and a key, inserting the token into the URL; and, sending, by the selected server to the 
client device, a response with the token inserted into the URL (column 2, lines 55-57 and column 
4, lines 33-49 and column 4, line 64 through column 5, line 9 and column 6, lines 43-45). 
Therefore it would have been obvious to one of ordinary skill in the art at the time the invention 
was made to further modify the method for maintaining a state for a user session using a global 
session server by Courts et al. by creating a token because this notifies the system of the type of 
encryption information to use to encrypt the packet. 

Courts et al. in view of Kunzelman et al. does not teach accessing a server-side storage 
area for information regarding the persistent relationship and the end user device. Smith teaches 
accessing a server-side storage area for information regarding the persistent relationship and the 
end user device (abstract, column 1, lines 53-65, column 3, lines 30-45, column 4, lines 8-33, 
column 6, lines 16-40, column 12, lines 11-31, column 15, lines 48-60, and column 16, lines 15- 
24). There fore it would have been obvious to one of ordinary skill in the art at the time the 
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invention was made to further modify the method for maintaining a state for a user session using 
a global session server by Courts et al. in view of Kunzelman et al. by accessing a server-side 
storage area for information regarding the persistent relationship and the end user device because 
this allows a client to later access a server and continue a previous session based off of the stored 
session information. 

Referring to claim 7, Courts et al. teaches a method of routing a request by an end user 
device to a particular one of a plurality of redundant servers residing behind a network 
dispatching mechanism (column 3, lines 5-7 and column 6, line 5 of Courts et al.), said methods 
comprising the steps of: receiving, at the network dispatching mechanism, a request for 
information indicated by a uniform resource locator (URL) (column 5, lines 66-67 of Courts et 
al.); further determining, at the network dispatching mechanism, if a session binding is old 
(column 6, line 45 of Courts et al.); forwarding, by said network dispatching mechanism, the 
request, including the URL, to the particular server (column 3, lines 5-7 and column 6, line 5 of 
Courts et al); removing, by said particular : server, said valid routing information from the URL; 
storing, by said particular server, where said valid routing information can be accessed 
subsequently by an outbound data stream filter during the processing of an outbound reply 
related to said request (column 1, lines 48-53 of Courts et al.); accessing, by said particular 
server, a storage location where information regarding a session between the particular server 
and the end user device is stored (column 1, lines 52-55 of Courts et al.). 

Courts et al. does not teach of tokens and inserting, by said particular server, said session 
information into said request. Kunzelman et al. teaches determining, at the network dispatching 
mechanism, if said URL contains a valid routing token; if said URL contains a valid routing 
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token and said routing token is not old, forwarding the request, including the URL, to the 
particular server indicated by said valid routing token (column 2, lines 34-44 and 55-56); and 
accessing, by said particular server, a storage location where information regarding a session 
between the particular server and the end user device is stored; and inserting, by said particular 
server, said accessed session information into said request (column 5, lines 38-61 and column 
6, lines 43-51). Therefore it would have been obvious to one of ordinary skill in the art at the time 
the invention was made to further modify the method for maintaining a state for a user session 
using a global session server by Courts et al. by having a routing token and inserting, by said 
particular server, said session information into said request because this notifies the system of the 
type of encryption information to use to encrypt the packet and the validity of the packet and the 
server knows what type of information the server is authorized or prefers to receive. 

Courts et al. in view of Kunzelman et al. does not teach accessing, by said particular 
server, a server-side storage location where session information regarding a session between the 
particular server and the end user device is stored. Smith teaches accessing, by said particular 
server, a server-side storage location where session information regarding a session between the 
particular server and the end user device is stored (abstract, column 1, lines 53-65, column 3, 
lines 30-45, column 4, lines 8-33, column 6, lines 16-40, column 12, lines 11-31, column 15, 
lines 48-60, and column 16, lines 15-24). Therefore it would have been obvious to one of 
ordinary skill in the art at the time the invention was made to further modify the method for 
maintaining a state for a user session using a global session server by Courts et al. in view of 
Kunzelman et al. by accessing a server-side storage area for information regarding the persistent 
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relationship and the end user device because this allows a client to later access a server and 
continue a previous session based off of the stored session information. 

Regarding claim 12, Courts et al teaches a computer program product having computer 
readable code means (column 1, lines 18-20 of Courts et al.) of establishing a persistent 
relationship between an end user device and a server where the server is one of a plurality of 
servers managed by a dispatcher (column 3, lines 5-7 of Courts et al.) and the end user device 
accesses the server using a uniform resource locator (URL) (column 5, lines 66-67 of Courts et 
al), the computer program product comprising: computer readable code means of receiving, at 
the dispatcher, a request for information from the end user device; computer readable code 
means of determining, by the dispatcher, which of the plurality of servers to select for satisfying 
the request (column 3, lines 5-7 and column 5, lines 66-67 of Courts et al); said key for 
accessing a storage area for information regarding the persistent relationship and the end user 
device (column 1, lines 45-50 of Courts et al.). 

Courts et al. does not teach of creating a token. Kunzelman et al. teaches computer 
readable code means of creating, at the selected server, a token comprising at least an identifier 
for the selected server, a date/time stamp, and a key, computer readable code means of inserting 
the token into the URL; and, computer readable code mans of sending, by the selected server to 
the client device, a response with the token inserted into the URL (column 2, lines 55-57 and 
column 4, lines 33-49 and column 4, line 64 through column 5, line 9 and column 6, lines 43- 
45). Therefore it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to further modify the method for maintaining a state for a user session using 
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a global session server by Courts et al. by creating a token because this notifies the system of the 
type of encryption information to use to encrypt the packet. 

Courts et al. in view of Kunzelman et al. does not teach accessing a server-side storage 
area for information regarding the persistent relationship and the end user device. Smith teaches 
accessing a server-side storage area for information regarding the persistent relationship and the 
end user device (abstract, column 1, lines 53-65, column 3, lines 30-45, column 4, lines 8-33, 
column 6, lines 16-40, column 12, lines 11-31, column 15, lines 48-60, and column 16, lines 15- 
24), There fore it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to further modify the method for maintaining a state for a user session using 
a global session server by Courts et al. in view of Kunzelman et al. by accessing a server-side 
storage area for information regarding the persistent relationship and the end user device because 
this allows a client to later access a server and continue a previous session based off of the stored 
session information. 

Regarding claim 18, Courts et al. teaches a computer program product having computer 
readable program code (column 1, lines 18-20 of Courts et al.) for routing a request by an end 
user device to a particular one of a plurality of redundant servers residing behind a network 
dispatching mechanism (column 3, lines 5-7 and column 6, line 5 of Courts et al.), said program 
product comprising: computer readable program code for receiving, at the network dispatching 
mechanism, a request for information indicated by a uniform resource locator (URL) (column 5, 
lines 66-67 of Courts et al.); computer readable program code for determining, at the network 
dispatching mechanism, if a session binding indicated by said routing token is old (column 6, 
line 45 of Courts et al.); computer readable program code for forwarding, by said network 
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dispatching mechanism, the request, including the URL, to the particular server (column 3, lines 
5-7 and column 6, line 5 of Courts et al.); computer readable program code for removing, by 
said particular server, said valid routing information from the URL; computer readable program 
code for storing, by said particular server, where said valid routing information can be accessed 
subsequently by an outbound data stream filter during the processing of an outbound reply 
related to said request (column 1, lines 48-53 of Courts et al); computer readable program code 
for accessing, by said particular server, a storage location where information regarding a session 
between the particular server and the end user device is stored (column 1, lines 52-55 of Courts 
et al.). 

Courts et al. does not teach of tokens and computer readable program code for inserting, 
by said particular server, said session information into said request. Kunzelman et al. teaches 
computer readable program code for determining, at the network dispatching mechanism, if said 
URL contains a valid routing token if said URL contains a valid routing token and said routing 
token is not old, computer readable program code for forwarding, by said network dispatching 
mechanism, the request, including the URL, to the particular server indicated by said valid 
routing token (column 2, lines 34-44 and 55-56); and computer readable program code for 
accessing, by said particular server, a storage location where information regarding a session 
between the particular server and the end user device is stored; and computer readable program 
code for inserting, by said particular server, said accessed session information into said request 
(column 5, lines 38-61 and column 6, lines 43-51). Therefore it would have been obvious to one 
of ordinary skill in the art at the time the invention was made to further modify the method for 
maintaining a state for a user session using a global session server by Courts et al by having a 
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routing token and computer readable program code for inserting, by said particular server, said 
session information into said request because this notifies the system of the type of encryption 
information to use to encrypt the packet and the validity of the packet and the server knows what 
type of information the server is authorized or prefers to receive. 

Courts et al. in view of Kunzelman et al. does not teach accessing, by said particular 
server, a server-side storage location where session information regarding a session between the 
particular server and the end user device is stored. Smith teaches accessing, by said particular 
server, a server-side storage location where session information regarding a session between the . 
particular server and the end user device is stored (abstract, column 1, lines 53-65, column 3, 
lines 30-45, column 4, lines 8-33, column 6, lines 16-40, column 12, lines 11-31, column 15, 
lines 48-60, and column 16, lines 15-24). Therefore it would have been obvious to one of 
ordinary skill in the art at the time the invention was made to further modify the method for 
maintaining a state for a user session using a global session server by Courts et al. in view of 
Kunzelman et al. by accessing a server-side storage area for information regarding the persistent 
relationship and the end user device because this allows a client to later access a server and 
continue a previous session based off of the stored session information. 

Referring to claim 22, Courts et al. teaches a network dispatcher for establishing a 
persistent relationship between an end user device and a server where the server is one of a 
plurality of servers managed by said network dispatcher (column 3, lines 5-7 of Courts et al), 
said network dispatcher comprising: means for receiving a request for information from said end 
user device, said request for information including a uniform resource locator (URL) (column 5, 
lines 66-67 of Courts et al.); means for determining which of the plurality of servers to select for 
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satisfying said request for information (column 3, lines 5-7 and column 5, lines 66-67 of Courts 
et al.); said key for accessing a storage area for information regarding the persistent relationship 
and the end user device (column 1, lines 45-50 of Courts et al)- 

Courts et al. does not teach of creating a token, Kunzelman et al. teaches means for 
creating, at said selected server, a token comprising at least an identifier for the selected server, a 
date/time stamp, and a key, means for inserting the token into the URL; and means for sending, 
by the selected server, a response with the token inserted into the URL to the client device 
(column 2, lines 55-57 and column 4, lines 33-49 and column 4, line 64 through column 5, line 9 
and column 6, lines 43-45). Therefore it would have been obvious to one of ordinary skill in the 
art at the time the invention was made to further modify the method for maintaining a state for a 
user session using a global session server by Courts et al. by creating a token because this 
notifies the system of the type of encryption information to use to encrypt the packet. 

Courts et al. in view of Kunzelman et al. does not teach accessing a server-side storage 
area for information regarding the persistent relationship and the end user device. Smith teaches 
accessing a server-side storage area for information regarding the persistent relationship and the 
end user device (abstract, column 1, lines 53-65, column 3, lines 30-45, column 4, lines 8-33, 
column 6, lines 16-40, column 12, lines 11-31, column 15, lines 48-60, and column 16, lines 15- 
24). Therefore it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to further modify the method for maintaining a state for a user session using 
a global session server by Courts et al. in view of Kunzelman et al. by accessing a server-side 
storage area for information regarding the persistent relationship and the end user device because 
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this allows a client to later access a server and continue a previous session based off of the stored 
session information. 

Referring to claim 2, 13, and 23, Courts et al. teaches a method [a computer program 
product and a network dispatcher] as claimed in claim 1, 12, and 22 (column 3, lines 5-7 of 
Courts et al)- 

Courts et al. does not teach of encoding tokens using a modified Base64 encoding. 
Kunzelman et al. teaches wherein said token is encoded using a modified Base64 encoding 
(column 6, lines 58-59 of Kunzelman et al. ). Therefore it would have been obvious to one of 
ordinary skill in the art at the time the invention was made to further modify the method for 
maintaining a state for a user session using a global session server by Courts et al. by encoding 
tokens using a modified Base64 encoding because this Base64 is one of many encryption 
methods. 

Regarding claim 6, 17, and 27, Courts et al. teaches a method [a computer program 
product and a network dispatcher] as claimed in claim 1,12, and 22 wherein said information 
regarding the persistent relationship is stored as a cookie on said server (column 5, lines 50-52 of 
Courts et al.). 

3. Claim 3-5, 14-16, and 24-26 rejected under 35 U.S.C. 103(a) as being unpatentable over 
US Patent No. 6,076,108 to Courts et al in view of Kunzelman et al. (US 6,041,357) and 
Smith(US 5,835,724) as applied to claim 1, 2, 6, 7, 12, 13, 17, 18, 22, 23, and 27 above, and 
further in view of Vanstone et al (US 6,490,682). 



Application/Control Number: 09/557,708 Page 12 

Art Unit: 2141 

Regarding claim 3, 14, and 24, Courts et al. in view of Kunzelman et al. and Smith a 
method [a computer program product and a network dispatcher] as claimed in claim 1,12, and 
22 and tokens (column 3, lines 5-7 of Courts et al.). 

Courts et al. in view of Kunzelman et al. and Smith does not teach checksum or hash 
verification field. Vanstone et al teaches wherein said token has a checksum or hash verification 
field (column 2, lines 54-58 of Vanstone et al.). Therefore it would have been obvious to one of 
ordinary skill in the art at the time the invention was made to further modify the method for 
maintaining a state for a user session using a global session server by Courts et al. in view of 
Kunzelman et al. and Smith by having checksum or hash verification field because this helps in 
identifying the client. 

Referring to claim 4, 15, and 25, Courts et al. in view of Kunzelman et al. and Smith 
teaches a method [a computer program product and a network dispatcher] as claimed in claim 3, 
14, and 24 (column 3, lines 5-7 of Courts et al.). 

Courts et al in view of Kunzelman et al. and Smith does not teach said hash is a SHA-1 
hash. Vanstone et al. teaches wherein said hash is a SHA-1 hash computed over said identifier 
for said selected server, said date/time stamp, and said key (column 2, lines 40-41 of Vanstone et 
al.). Therefore it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to further modify the method for maintaining a state for a user session using 
a global session server by Courts et al. in view of Kunzelman et al. and Smith by having said 
hash is a SHA-1 hash because this helps in identifying the client and SHA-1 is a type of hash 
function. 
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Referring to claim 5, 16, and 26, Courts et al. in view of Kunzelman et al. and Smith 
teaches a method [a computer program product and a network dispatcher] as claimed in claim 3, 
14, and 24 and Base64 encoding (column 3, lines 5-7 of Courts et al.). 

Courts et al. in view of Kunzelman et al. and Smith does not teach of checksum or hash. 
Vanstone et al. teaches wherein said checksum or hash (column 2, lines 56-58 of Vanstone et al.) 
is encoded. Therefore it would have been obvious to one of ordinary skill in the art at the time 
the invention was made to further modify the method for maintaining a state for a user session 
using a global session server by Courts et al. in view of Kunzelman et al. and Smith by having 
checksum or hash because this helps in identifying the client. 

4. Claim 8, 9, and 19 rejected under 35 U.S.C. 103(a) as being unpatentable over US Patent 
No. 6,076,108 to Courts et al. in view of Kunzelman et al. and Smith (US 6,041,357) as applied 
to claim 1, 2, 6, 7, 12, 13, 17, 18, 22, 23, and 27 above, and further in view of Colby et al (US 
6,006,264). 

Regarding claim 8 and 19, Courts et al. in view of Kunzelman et al. and Smith teaches 
the method [The computer program product] as claimed in claim 7 and 1 8 and the URL (column 

5, lines 66-67 of Courts et al.). 

Courts et al. in view of Kunzelman et al. and Smith does not teach of filtering. Colby et 
al. teaches wherein additional filtering of the URL is done prior to the forwarding step (column 
12, lines 6-7 of Colby et al.). Therefore it would have been obvious to one of ordinary skill in 
the art at the time the invention was made to further modify the method for maintaining a state 
for a user session using a global session server by Courts et al. in view of Kunzelman et al. and 
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Smith by filtering because this helps to authenticate the information more and also to retrieve 
more needed information from the packet. 

Regarding claim 9, Courts et al. in view of Kunzelman et al. and Smith teaches a method 
as claimed in claim 1 and the dispatcher (column 3, lines 5-7 of Courts et al.). 

Courts et al. in view of Kunzelman et al. and Smith does not teach of filtering. Colby et 
al. wherein all filtering (column 12, lines 6-7 of Colby et al.) is performed within the dispatcher. 
Therefore it would have been obvious to one of ordinary skill in the art at the time the invention 
was made to further modify the method for maintaining a state for a user session using a global 
session server by Courts et al. in view of Kunzelman et al. and Smith by filtering because this 
helps to authenticate the information more and also to retrieve more needed information from the 
packet. 

5. Claim 10 and 20 rejected under 35 U.S. C. 103(a) as being unpatentable over US Patent 
No. 6,041,357 to Kunzelman et al. in view of Courts et al. (US 6,076,108) and further in view of 
Smith(US 5,835,724) and Lund et al (Us 6,760,758). 

Regarding claim 10, Kunzelman et al. teaches a method of sending information to a 
requesting end user from an application over a session wherein said application resides at one of 
a plurality of redundant servers, said method comprising the steps of: receiving response 
information from said application, said response information including a URL (uniform resource 
locator) (column 2, lines 35-44 and 55-56 and column 5, lines 1-14 and 25-37); determining if a 
key cookie has been used for storing session information between said end user and said 
application; if a key cookie has been used for storing session information, retrieving a session 
key from said key cookie; if a key cookie was not used for storing session information, retrieving 
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said session key from a control block removing all cookies from said response information; 
storing said removed cookies in a predetermined storage area; updating a date/time stamp in said 
sticky routing string inserting said sticky routing string into said URL; and transmitting said 
response information, including said URL, to said end user (column 2, lines 55-57 and column 5, 
lines 38-62 and column 6, lines 43-57). 

Kunzelman et al. does not teach a network dispatcher or a sticky routing string. Courts et 
al does teach redundant servers residing behind a network dispatcher (column 3, lines 5-7 of 
Courts et al.) updating said URL to indicate the removal of said cookies (column 1, lines 55-56 
of Courts et al); creating a sticky routing string (column 6, lines 6-8 of Courts et al). Therefore 
it would have been obvious to one of ordinary skill in the art at the time the invention was made 
to further modify the method for dynamic use and validation of http cookies for authentication of 
Kunzelman et al by having a network dispatcher or a sticky routing string because a dispatcher 
is needed to pass the packet to the server and sticky routing strings to help route request from the 
same client to the same server. 

Kunzelman et al. in view of Courts et al. does not teach predetermined server-side storage 
area. Smith teaches predetermined server-side storage area (abstract, column 1, lines 53-65, 
column 3, lines 30-45, column 4, lines 8-33, column 6, lines 16-40, column 12, lines 11-31, 
column 15, lines 48-60, and column 16, lines 15-24). Therefore it would have been obvious to 
one of ordinary skill in the art at the time the invention was made to further modify the method 
for dynamic use and validation of http cookies for authentication of Kunzelman et al. in view of 
Courts et al. by having a predetermined server-side storage because this allows a client to later 
access a server and continue a previous session based off of the stored session information. 
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Kunzelman et al. in view of Courts et al. and further in view of Smith does not teach 
server-side key cookie. Lund et al. teaches a server-side key cookie (abstract, column 1, lines 41- 
46 and column 1, line 65-column 2, line 1 and column 7, line 56-column 8, line 5 and column 8, 
lines 12-13 and 26-3 1 and 58-67). Therefore it would have been obvious to one of ordinary skill 
in the art at the time the invention was made to further modify the method for dynamic use and 
validation of http cookies for authentication of Kunzelman et al. in view of Courts et al. and 
further in view of Smith by having a server-side key cookie because this allows the user to utilize 
multiple client devices in the same client-server session. 

Referring to claim 20, Kunzelman et al. teaches a computer program product having 
computer readable program means sending information to a requesting end user from an 
application over a session wherein said application resides at one of a plurality of redundant 
servers, said computer program product comprising: computer readable programming means of 
receiving response information from said application, said response information including a URL 
(uniform resource locator) (column 2, lines 35-44 and 55-56 and column 5, lines 1-14 and 25- 
37); computer readable programming means of determining if a key cookie has been used for 
storing session information between said end user and said application; if a key cookie has been 
used for storing session information, computer readable programming means of retrieving a 
session key from said key cookie; if a key cookie was not used for storing session information, 
computer readable programming means of retrieving said session key from a control block; 
computer readable programming means of removing all cookies from said response information; 
computer readable programming means of storing said removed cookies in a predetermined 
storage area; computer readable programming means of updating a date/time stamp in said sticky 
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routing string; computer readable programming means of inserting said sticky routing string into 
said URL; and computer readable programming means of transmitting said response information, 
including said URL, to said end user (column 2, lines 55-57 and column 5, lines 38-62 and 
column 6, lines 43-57). 

Kunzelman et al does not teach a network dispatcher or a sticky routing string. Courts et 
al. does teach redundant servers residing behind a network dispatcher (column 3, lines 5-7 of 
Courts et al.) computer readable programming means of updating said URL to indicate the 
removal of said cookies (column 1, lines 55-56 of Courts et al.) ; computer readable programming 
means of creating a sticky routing string (column 6, lines 6-8 of Courts et al.). Therefore it would 
have been obvious to one of ordinary skill in the art at the time the invention was made to further 
modify the method for dynamic use and validation of http cookies for authentication by 
Kunzelman et al. by having a network dispatcher or a sticky routing string because a dispatcher 
is needed to pass the packet to the server and sticky routing strings to help route request from the 
same client to the same server. 

Kunzelman et al. in view of Courts et al. does not teach predetermined server-side storage 
area. Smith teaches predetermined server-side storage area (abstract, column 1, lines 53-65, 
column 3, lines 30-45, column 4, lines 8-33, column 6, lines 16-40, column 12, lines 11-31, 
column 15, lines 48-60, and column 16, lines 15-24). Therefore it would have been obvious to 
one of ordinary skill in the art at the time the invention was made to further modify the method 
for dynamic use and validation of http cookies for authentication of Kunzelman et al. in view of 
Courts et al. by having a predetermined server-side storage because this allows a client to later 
access a server and continue a previous session based off of the stored session information. 
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Kunzelman et al. in view of Courts et al. and further in view of Smith does not teach 
server-side key cookie. Lund et al. teaches a server-side key cookie (abstract, column 1, lines 41- 
46 and column 1, line 65-column 2, line 1 and column 7, line 56-column 8, line 5 and column 8, 
lines 12-13 and 26-31 and 58-67). Therefore it would have been obvious to one of ordinary skill 
in the art at the time the invention was made to further modify the method for dynamic use and 
validation of http cookies for authentication of Kunzelman et al. in view of Courts et al. and 
further in view of Smith by having a server-side key cookie because this allows the user to utilize 
multiple client devices in the same client-server session. 

6. Claim 1 1 and 21 rejected under 35 U.S.C. 103(a) as being unpatentable over US Patent 
No. 6,374, 359 to Kunzelman et al. in view of Courts et al. (US 6,076,108) and further in view 
of Smith(US 5,835,724) and Lund et al (Us 6,760,758) as applied to claimlO and 20 above, and 
further in view of Colby et al (US 6,006,264). 

Regarding claim 1 1 and 21, Kunzelman et al. in view of Courts et al. and further in view 
of Smith and Lund et al. teaches a method [a computer program product] as claimed in claim 10 
and 20 and said response information (column 1, lines 53-55 of Courts et al.). 

Kunzelman et al. in view of Courts et al. and further in view of Smith and Lund et al. 
does not teach of filtering. Colby et al. wherein, prior to said determining step, said response 
information is transmitted from said application through one or more filters (column 12, lines 6-7 
of Colby et al.). Therefore it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to further modify the method for dynamic use and validation of http 
cookies for authentication by Kunzelman et al. in view of Courts et al. and further in view of 



Application/Control Number: 09/557,708 Page 1 9 

Art Unit: 2141 

Smith and Lund et al. by filtering because this helps to authenticate the information more and 
also to retrieve more needed information from the packet. 

Conclusion 

7. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. The following patent is cited to further show the state of the art with respect to URL 
based sticky routing tokens in general: Bellmore et al., Okamoto et al., Devine et al., Phaal, 
Danner et al, and Grantges, Jr. et al. 

8, Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1. 136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to April L Baugh whose telephone number is 571-272-3877. The 
examiner can normally be reached on Monday- Friday 9:00am-5:30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Rupal Dharia can be reached on 571-272-3880. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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